Zoom Security

Updated:  Saturday 4 April 2020

Good morning all,

I hope you are well and (perhaps through the window, at least) enjoying the good weather.

There has been a lot of discussion on the internet in recent days over security whilst using the Zoom app.  Today, I had an email from Zoom with some changes they are making to how the platform operates and so I wanted to communicate the key points to you.

In terms of how this affects our Pilates classes, I want to minimise change as we now have a system that seems to be working well.  However, I must also be mindful of keeping our web-based class environment secure.

Despite all the concerns, Zoom is a relatively safe environment and please do not overly worry, but at the same time, please follow some simple precautions to make things as secure as they can be.

1.  The main concerns over security with the Zoom platform seem twofold.  Firstly, uninvited people entering meetings and they then hijack those meetings and secondly, users clicking on what look like Zoom links but they are in fact links to other websites.  As we are not sharing commercial secrets during our Zoom session, the former is a lesser concern (but I will still address it); the second risk though is something we do have to be mindful of.

2.  I only use two emails:  philnuttridge@aol.com and
pnuttridge@aol.com .  If you are clicking on a Zoom link that I have sent you, it must have come from one of those two email addresses to be genuinely from me.  Whilst the email software on your computer/device may show the name of the sender at the head of each email, this might not be the actual email address from which it was sent.  In the example below, an email from me is shown as coming from ‘Phil’ or ‘Phil Nuttridge’ in my list of received emails.  However, to make sure that is genuinely me, on most devices you can tap or click on the name that is shown and it will reveal the actual email address from which the message was sent.  If it is genuinely from me, the email address shown will be one of those two Aol addresses listed at the start of this point.

Never click on a Zoom link you have received from an unknown source.

 

3.  Please do not share any Zoom links I send to you with anyone else.  If you have a friend who would like to join the class, please just give that friend my email details and let them contact me so that they can receive the class details directly from me.  In that way, point number 2 above will always apply.

4.  If the Zoom app on your device suggests there is an update – and you are confident that message is indeed from Zoom – please perform the update. This makes sure the version of the app you have is up to date and has all the latest security measures.

5.  When you do join one of my classes, it would be useful if your device name included your name so that I can identify you all.  Once in a Zoom meeting, the name that shows on the list of participants is the name of your device as you set it (probably) the first time you used the device.   Often that is fine as you will have called your device something meaningful (like ‘Phil Nuttridge’s iPad’) that clearly shows who you are.  Inevitably though sometimes the name of your device is just ‘iPad’ or ‘iPhone’ which means we cannot identify who you are.  It is possible however, to change the name that is showing in Zoom:  Once in the meeting, if you click or tap on the ‘Participants’ button, you will see a list of who is in the meeting.  One those will be you, and that is indicated by the tag “(me)” appearing at the end of the name.  If you want to change the screen name, tap/click on your name in the list and a menu appears, one item of which is ‘Rename’.  Tap/click that option and choose a name that tells us who you are.

 

6.  I have disabled Waiting Rooms on Zoom.  This means that when you click on an invite to one of my class meetings you come straight through to the session.  If a Waiting Room had been set-up then you have to wait for me to ‘Admit’ you into the room.  Zoom are advising that we use Waiting Rooms so that the meeting host can check all the people who are trying to enter the meeting are genuine BUT this has the disadvantage that if someone is late to the session or loses a connection and has to re-enter, then they cannot join in until I have to come back to the computer to admit them.  For the moment, I will continue operating without Waiting Rooms but review that if we ever have an intruder!

 

Above all, be sensible and use common sense when clicking on Zoom links.

 

See you all soon in a Zoom class.

 

Phil